[cli] add cli toggle (for test harness) to accept tmf udp messages fr…

…om unknown origins Reference devices that are part of the Thread test harness construct CoAP packets sent on TMF port 61631 for certain tests, for example in the 5.9.x series where they have to force address errors (a/ae) for duplicate DUA or re-registration tests. These tests started to fail when reference device firmware was updated recently to a newer OpenThread stack that included the change in openthread#9437. Example: ``` udp send fd00:db9:0:0:0:ff:fe00:5000 61631 -x 4102d63697b16e02646eff0401010010fd007d037d037d0389c3a350cdcf36e0' Ip6-----------: Dropping TMF message from untrusted origin ``` For certification purposes, we are adding a cli toggle (for reference devices) to disable the filter that drops TMF messages from unknown origins.
SiliconLabs · Apr 17, 2024 · 6494419 · 6494419
1 parent a234add
commit 6494419
Show file tree

Hide file tree

Showing 7 changed files with 161 additions and 3 deletions.
diff --git a/include/openthread/instance.h b/include/openthread/instance.h
@@ -53,7 +53,7 @@ extern "C" {
  * @note This number versions both OpenThread platform and user APIs.
  *
  */
-#define OPENTHREAD_API_VERSION (404)
+#define OPENTHREAD_API_VERSION (405)
 
 /**
  * @addtogroup api-instance

diff --git a/include/openthread/thread_ftd.h b/include/openthread/thread_ftd.h
@@ -851,6 +851,35 @@ void otThreadSetCcmEnabled(otInstance *aInstance, bool aEnabled);
  */
 void otThreadSetThreadVersionCheckEnabled(otInstance *aInstance, bool aEnabled);
 
+/**
+ * Sets whether the filter to drop TMF UDP messages from untrusted origin is enabled.
+ *
+ * TMF messages are only trusted when they originate from a trusted source, such as the Thread interface. In
+ * special cases, such as when a device uses platform UDP socket to send TMF messages, they will be dropped due
+ * to untrusted origin. This filter is enabled by default.
+ *
+ * When this filter is disabled, UDP messages sent to the TMF port that originate from untrusted origin (such as
+ * host, CLI or an external IPv6 node) will be allowed.
+ *
+ * @note This API requires `OPENTHREAD_CONFIG_REFERENCE_DEVICE_ENABLE` and is only used by Thread Test Harness
+ * to test network behavior by sending special TMF messages from the CLI on a POSIX host.
+ *
+ * @param[in]  aInstance  A pointer to an OpenThread instance.
+ * @param[in]  aEnabled   TRUE to enable filter, FALSE otherwise.
+ *
+ */
+void otThreadSetTmfOriginFilterEnabled(otInstance *aInstance, bool aEnabled);
+
+/**
+ * Indicates whether the filter that drops TMF UDP messages from untrusted origin is enabled or not.
+ *
+ * This is intended for testing only and available when `OPENTHREAD_CONFIG_REFERENCE_DEVICE_ENABLE` config is enabled.
+ *
+ * @returns TRUE if the filter is enabled, FALSE otherwise.
+ *
+ */
+bool otThreadIsTmfOriginFilterEnabled(otInstance *aInstance);
+
 /**
  * Gets the range of router IDs that are allowed to assign to nodes within the thread network.
  *

diff --git a/src/cli/README.md b/src/cli/README.md
@@ -123,6 +123,7 @@ Done
 - [tcp](README_TCP.md)
 - [thread](#thread-start)
 - [timeinqueue](#timeinqueue)
+- [tmforiginfilter](#tmforiginfilter-enable)
 - [trel](#trel)
 - [tvcheck](#tvcheck-enable)
 - [txpower](#txpower)
@@ -3728,6 +3729,39 @@ Reset the TX queue time-in-queue statistics.
 Done
 ```
 
+### tmforiginfilter \[enable|disable\]
+
+Enable/disable filter that drops UDP messages sent to the TMF port from untrusted origin. Also get the current state
+of the filter if no argument is specified.
+
+Note: This filter is enabled by default.
+
+This is intended for testing only. `OPENTHREAD_CONFIG_REFERENCE_DEVICE_ENABLE` is required.
+
+Get the current state of the filter.
+
+```
+> tmforiginfilter
+Enabled
+```
+
+Enable or disable the filter.
+
+```
+> tmforiginfilter enable
+Done
+>
+> tmforiginfilter
+Enabled
+>
+> tmforiginfilter disable
+Done
+>
+> tmforiginfilter
+Disabled
+>
+```
+
 ### trel
 
 Indicate whether TREL radio operation is enabled or not.
@@ -3821,7 +3855,7 @@ Done
 
 ### tvcheck disable
 
-Enable thread version check when upgrading to router or leader.
+Disable thread version check when upgrading to router or leader.
 
 Note: Thread version check is enabled by default.
 

diff --git a/src/cli/cli.cpp b/src/cli/cli.cpp
@@ -1251,6 +1251,56 @@ template <> otError Interpreter::Process<Cmd("ccm")>(Arg aArgs[])
     return ProcessEnableDisable(aArgs, otThreadSetCcmEnabled);
 }
 
+template <> otError Interpreter::Process<Cmd("tmforiginfilter")>(Arg aArgs[])
+{
+    otError error = OT_ERROR_NONE;
+
+    /**
+     * @cli tmforiginfilter
+     * @code
+     * tmforiginfilter
+     * Enabled
+     * @endcode
+     * @cparam tmforiginfilter [@ca{enable|disable}]
+     * By default the filter that drops TMF UDP messages from untrusted origin
+     * is enabled. When disabled, UDP messages sent to the TMF port that originate
+     * from untrusted origin (such as host, CLI or an external IPv6 node) will be
+     * allowed.
+     * @note `OPENTHREAD_CONFIG_REFERENCE_DEVICE_ENABLE` is required.
+     * @sa otThreadIsTmfOriginFilterEnabled
+     */
+    if (aArgs[0].IsEmpty())
+    {
+        OutputEnabledDisabledStatus(otThreadIsTmfOriginFilterEnabled(GetInstancePtr()));
+    }
+    /**
+     * @cli tmforiginfilter (enable,disable)
+     * @code
+     * tmforiginfilter enable
+     * Done
+     * @endcode
+     * @code
+     * tmforiginfilter disable
+     * Done
+     * @endcode
+     * @par
+     * Enables or disables the filter that drops TMF UDP messages from untrusted origin.
+     * This filter is enabled by default.
+     * @note `OPENTHREAD_CONFIG_REFERENCE_DEVICE_ENABLE` is required.
+     * @sa otThreadSetTmfOriginFilterEnabled
+     */
+    else
+    {
+        bool enable;
+
+        SuccessOrExit(error = Interpreter::ParseEnableOrDisable(aArgs[0], enable));
+        otThreadSetTmfOriginFilterEnabled(GetInstancePtr(), enable);
+    }
+
+exit:
+    return error;
+}
+
 /**
  * @cli tvcheck (enable,disable)
  * @code
@@ -8702,6 +8752,9 @@ otError Interpreter::ProcessCommand(Arg aArgs[])
 #if OPENTHREAD_CONFIG_TX_QUEUE_STATISTICS_ENABLE
         CmdEntry("timeinqueue"),
 #endif
+#if OPENTHREAD_FTD && OPENTHREAD_CONFIG_REFERENCE_DEVICE_ENABLE
+        CmdEntry("tmforiginfilter"),
+#endif
 #if OPENTHREAD_CONFIG_RADIO_LINK_TREL_ENABLE
         CmdEntry("trel"),
 #endif

diff --git a/src/core/api/thread_ftd_api.cpp b/src/core/api/thread_ftd_api.cpp
@@ -388,6 +388,16 @@ void otThreadSetThreadVersionCheckEnabled(otInstance *aInstance, bool aEnabled)
     AsCoreType(aInstance).Get<Mle::MleRouter>().SetThreadVersionCheckEnabled(aEnabled);
 }
 
+void otThreadSetTmfOriginFilterEnabled(otInstance *aInstance, bool aEnabled)
+{
+    AsCoreType(aInstance).Get<Ip6::Ip6>().SetTmfOriginFilterEnabled(aEnabled);
+}
+
+bool otThreadIsTmfOriginFilterEnabled(otInstance *aInstance)
+{
+    return AsCoreType(aInstance).Get<Ip6::Ip6>().IsTmfOriginFilterEnabled();
+}
+
 void otThreadGetRouterIdRange(otInstance *aInstance, uint8_t *aMinRouterId, uint8_t *aMaxRouterId)
 {
     AssertPointerIsNotNull(aMinRouterId);

diff --git a/src/core/net/ip6.cpp b/src/core/net/ip6.cpp
@@ -65,6 +65,10 @@ namespace Ip6 {
 
 RegisterLogModule("Ip6");
 
+#if OPENTHREAD_CONFIG_REFERENCE_DEVICE_ENABLE
+bool Ip6::mTmfOriginFilterEnabled = true;
+#endif
+
 Ip6::Ip6(Instance &aInstance)
     : InstanceLocator(aInstance)
     , mIsReceiveIp6FilterEnabled(false)
@@ -1239,7 +1243,11 @@ Error Ip6::HandleDatagram(OwnedPtr<Message> aMessagePtr, bool aIsReassembled)
                 error = aMessagePtr->Read(aMessagePtr->GetOffset() + Udp::Header::kDestPortFieldOffset, destPort));
             destPort = BigEndian::HostSwap16(destPort);
 
-            if (destPort == Tmf::kUdpPort)
+            if (destPort == Tmf::kUdpPort
+#if OPENTHREAD_CONFIG_REFERENCE_DEVICE_ENABLE
+                && mTmfOriginFilterEnabled
+#endif
+            )
             {
                 LogNote("Dropping TMF message from untrusted origin");
                 ExitNow(error = kErrorDrop);

diff --git a/src/core/net/ip6.hpp b/src/core/net/ip6.hpp
@@ -350,6 +350,26 @@ class Ip6 : public InstanceLocator, private NonCopyable
     void ResetBorderRoutingCounters(void) { ClearAllBytes(mBorderRoutingCounters); }
 #endif
 
+#if OPENTHREAD_CONFIG_REFERENCE_DEVICE_ENABLE
+
+    /**
+     * Enables or disables the filter that drops TMF UDP messages from untrusted origin.
+     *
+     * @param[in]  aEnabled  TRUE to enable filter, FALSE otherwise.
+     *
+     */
+    void SetTmfOriginFilterEnabled(bool aEnabled) { mTmfOriginFilterEnabled = aEnabled; }
+
+    /**
+     * Indicates whether the filter that drops TMF UDP messages from untrusted origin is enabled or not.
+     *
+     * @returns TRUE if the filter is enabled, FALSE otherwise.
+     *
+     */
+    static bool IsTmfOriginFilterEnabled(void) { return mTmfOriginFilterEnabled; }
+
+#endif // OPENTHREAD_CONFIG_REFERENCE_DEVICE_ENABLE
+
 private:
     static constexpr uint8_t kDefaultHopLimit      = OPENTHREAD_CONFIG_IP6_HOP_LIMIT_DEFAULT;
     static constexpr uint8_t kIp6ReassemblyTimeout = OPENTHREAD_CONFIG_IP6_REASSEMBLY_TIMEOUT;
@@ -419,6 +439,10 @@ class Ip6 : public InstanceLocator, private NonCopyable
     Tcp mTcp;
 #endif
 
+#if OPENTHREAD_CONFIG_REFERENCE_DEVICE_ENABLE
+    static bool mTmfOriginFilterEnabled;
+#endif
+
 #if OPENTHREAD_CONFIG_IP6_FRAGMENTATION_ENABLE
     MessageQueue mReassemblyList;
 #endif